STAGIORA STAGIORA Proof of Reality — Even Offline.
Install on Android Install on Apple

Privacy Policy

Last updated: March 28, 2026

1. Introduction

Stagiora (https://www.stagiora.com and related applications) is designed for professional environments such as construction, insurance, and logistics, where the authenticity and integrity of data are important.

Our approach is built around a simple principle: users should remain in control of their records. Unlike conventional cloud-based systems, Stagiora enables records to be created, verified, and stored locally on the user’s device.

This Privacy Policy explains how we process personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR).

2. Data Controller

The data controller for the personal data described in this Privacy Policy is:

Stagiora OÜ
Registration number: 16257362
Email: info@stagiora.com

You have the right to contact us regarding your personal data or lodge a complaint with the Estonian Data Protection Inspectorate (AKI) or your local supervisory authority.

3. Our Data Architecture

Stagiora is built on a clear separation between:

  • data that remains under your control, and
  • data that is processed by Stagiora to operate the service

3.1 Local Data (User-Controlled)

Records created within the application—including images and associated metadata—are:

  • stored locally on your device
  • processed locally
  • not accessed, uploaded, or stored by Stagiora

This ensures that the most sensitive data never leaves your environment.

3.2 Public Verification Indexes (Zero-Trust Architecture)

To enable independent verification, Stagiora maintains cryptographic indexes based on a zero-trust model.

These indexes may include:

  • fingerprints (hashes) of record groups
  • structural integrity markers (e.g. order and grouping)
  • status indicators (trusted, expired, revoked)

These indexes do not contain original data or readable personal information.

They allow any party to:

  • verify the existence and integrity of a dataset
  • confirm that records have not been altered
  • validate the status of a fingerprint

Indexes may be publicly searchable, allowing verification without requiring trust in Stagiora.

3.3 Service and Website Data

To operate the service, we process limited personal data such as:

  • name
  • email address
  • company details
  • technical data (IP address, browser type, usage logs)

4. What Personal Data We Collect

We collect personal data only where necessary.

4.1 Contact and Account Data

When you contact us or interact with the service, we may collect:

  • name
  • email address
  • company information
  • communication content

4.2 Technical Data

When you use our website, we may collect:

  • IP address
  • device and browser information
  • usage data (pages visited, session data)

4.3 Application Data

We do not collect application records or user-generated content.

5. Why We Process Personal Data

We process personal data for the following purposes:

  • providing access to the service
  • responding to user inquiries
  • maintaining security and preventing misuse
  • improving system performance
  • complying with legal obligations

We do not use personal data for unrelated purposes.

6. Legal Bases for Processing

We rely on the following legal bases under GDPR:

  • legitimate interests (Art. 6(1)(f)) – ensuring security, reliability, and service improvement
  • consent (Art. 6(1)(a)) – for cookies and optional features
  • legal obligations (Art. 6(1)(c)) – where required by law
  • contractual necessity (Art. 6(1)(b)) – where you request access to the service

Where legitimate interests are used, we ensure they do not override your rights.

7. Sharing of Personal Data

We do not sell or rent personal data.

We may share limited personal data with trusted providers, including:

  • hosting and infrastructure providers
  • IT and support services

All such providers act under agreements compliant with Article 28 GDPR.

We may also disclose data where required by law.

8. International Data Transfers

If personal data is processed outside the European Economic Area, we ensure appropriate safeguards, such as Standard Contractual Clauses (SCCs).

9. Data Retention

We retain personal data only as long as necessary:

  • contact and account data – for the duration of the relationship
  • technical logs – for a limited period for security and diagnostics
  • legally required data – according to applicable law

Data is deleted or anonymized once no longer needed.

10. Data Security

We apply appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or loss.

This includes:

  • access controls
  • encryption and secure infrastructure
  • monitoring and logging

At the application level, cryptographic processing occurs locally within the device’s isolated hardware security environment (where supported), minimizing exposure to external threats and unauthorized access.

This architecture reduces reliance on centralized systems and limits the attack surface associated with sensitive data.

11. Your Rights Under GDPR

You have the right to:

  • access your personal data
  • correct inaccuracies
  • request deletion
  • restrict or object to processing
  • receive your data in a portable format
  • withdraw consent
  • lodge a complaint with a supervisory authority

To exercise your rights, contact info@stagiora.com.

12. Cookies

We use cookies to:

  • ensure website functionality
  • analyze performance
  • remember preferences

Where required, we obtain your consent for non-essential cookies.

13. Third-Party Websites

We are not responsible for the privacy practices of third-party websites.

14. Changes to This Privacy Policy

We may update this Privacy Policy. The latest version will always be available on our website.

15. Contact

Stagiora OÜ
Email: info@stagiora.com